setOptions('ftpHost', $ftpServer);
//configuring the port according to malware or false-positive submission
($submission_type == 0) ? $ftpTransfer->setOptions('ftpPort','215') : $ftpTransfer->setOptions('ftpPort','2110'); //215 - Malware/Suspicious, 2110 - False-Positive
$ftpTransfer->setOptions('ftpUserName',$ftpuser);
$ftpTransfer->setOptions('ftpPass', $ftppass);
for($i=0; $i < count($_FILES['upload']['name']); $i++)
{
//check the size and add the files to be transferred to FTP
if( $_FILES['upload']['size'][$i] <= MAXIMUM_UPLOAD_LIMIT )
{
//create the remote file name according to specification
$remote_file_name = sha1_file($_FILES['upload']['tmp_name'][$i]) . " 4 webinterface " . $email . " " . $_FILES['upload']['name'][$i];
//retrieve the temporary file name
$localfile = $_FILES['upload']['tmp_name'][$i];
//add the files to the queue list
$ftpTransfer->addFiles(array('local_file'=>$localfile, 'remote_file_name'=>$remote_file_name, "submission_type"=>$submission_type));
//submit the files
//expected result for success is 0(zero)
if($ftpTransfer->submitFiles())
{
//an error occured during ftp transfer
//pack and submit it back to the user
echo '{ "error": "true", "msg" : "' . $ftpTransfer->getLastError() . '"}';
exit();
}else{
$submittedFiles[] = $_FILES['upload']['name'][$i] .'=>'. $remote_file_name;
}
}else{
echo '{ "error": "true", "msg" : "Please submit files smaller then' . (MAXIMUM_UPLOAD_LIMIT / 1048576) . ' MB"}';
exit();
}
}
if($submission_type == 1)
{
$subject = 'False-Positive';
$body = 'Malware name: ' . strip_tags($_POST['malware_name']) . "\n";
}else{ $subject = 'Malware/Suspicious'; };
$body .= "Submitted files: \n\n";
foreach($submittedFiles as $file)
$body .= '--'. $file . "\n";
$body .= "\nUser e-mail: " . strip_tags($_POST['email']) ."\n";
$body .= "User comments: \n" . strip_tags($_POST['comments']) . "\n";
if (!sendEmail(ADMIN_EMAIL_IDS, FROM_EMAIL_ID, $subject, $body, $headers='') )
{
echo '{ "error": "true", "msg" : "There was a problem sending email."}';
exit();
}
//if upload was successfull and email was successfull
//send reply ok
echo '{ "error": "false", "msg" : " Thank you for your submission.
The file was uploaded successfully and will shortly undergo analysis by the Comodo technicians. Your valuable contribution will help improve the effectiveness of the Comodo products and so help us in our mission to provide the very highest levels of security to users worldwide.
If you would like to submit more files then click here to return to the submission form.
"}';
exit();
}
else{
$errors = implode("|", $errorMessage);
//return to page and display error messages
echo '{ "error": "true", "msg" : "' . $errors . '" }';
exit();
}
}else{
//return to page and display error message no files were uploaded
echo '{ "error": "true", "msg" : "Please select at least one file to submit or check if the file can be opened." }';
exit();
}
//form submission validation
function validateFormEntries($data)
{
global $error;
global $errorMessage;
$zeroSize = '';
//check if email address is valid
if(!preg_match("/^([_a-z0-9-]+)(\.[_a-z0-9-]+)*@([a-z0-9-]+)(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/i", $data['email']))
{
$error = true;
$errorMessage[] = 'Please enter a valid e-mail address.';
}
//check if the page is the false-positive submission and if user entered the malware name
if( $data['submission_type'] == 'false-positive-submission' && $data['malware_name'] == '')
{
$error = true;
$errorMessage[] = 'Please enter malware name.';
}
//check if user agreed to the TOS
if( ($data['terms']) != 'on' )
{
$error = true;
$errorMessage[] = 'Please read and agree to the terms and conditions.';
}
//check if user selected atleast one file for upload
if( !isset($_FILES) )
{
$error = true;
$errorMessage[] = "Please select a file to upload.";
}else{
for($i=0; $i < count($_FILES['upload']['name']); $i++)
{
if($_FILES['upload']['size'][$i] <= 0 && $_FILES['upload']['name'][$i] != '')
{
$zeroSize = true;
break;
}
}
if( true == $zeroSize )
{
$error = true;
$errorMessage[] = 'Please upload files with a size greater than 0 bytes.';
}
}
return $error;
}
?>